User security authentication system in internet and method thereof

ABSTRACT

Example embodiments of the present invention provides a system and method for user security authentication in an Internet environment, in which the user may generate encoded member authentication data by combining a member ID, a password, and a unique code value of a security code selection module that are selected when the user has signed up for membership to any web service provider system, thus increasing code complexity in an access stage in which the web service provider system is accessed as well as simply enhancing security.

CLAIM OF PRIORITY

This application is a Continuation of U.S. application Ser. No.15/109,615, filed on Jul. 1, 2016, which is a U.S. National Stage Filingunder 35 U.S.C. 371 from International Application No.PCT/KR2014/012663, filed on 22 Dec. 2014, and published as WO2015/102279 A1 on 9 Jul. 2015, which claims the benefit of KoreanApplication Serial No. 10-2014-0000300, filed on 2 Jan. 2014, whichapplications and publication are incorporated by reference herein intheir entirety.

TECHNICAL FIELD

Example embodiments of the present invention relate in general to asystem and method for user security authentication in an Internetenvironment and more specifically to a system and method for usersecurity authentication in an Internet environment, in which the usermay generate encoded member authentication data by combining a memberID, a password, and a unique code value of a security code selectionmodule that are selected when the user has signed up for membership toany web service provider system, thus increasing code complexity in astage at which the web service provider system is accessed as well assimply enhancing security.

RELATED ART

In general, the Internet is composed of computers, which are separatedfrom and communicate to each other based on a transmission controlprotocol/Internet protocol (TCP/IP), and networks including thecomputers. A variety of information is shared between different networksover the Internet.

In the early stage, the Internet provided services such as an electronicmail, a gopher, a telnet, a file transfer protocol (FTP), which did notwidely spread due to limited services that were based on text.

However, the Internet rapidly spread with development of a new Internetservice technology that is called the World Wide Web (hereinafter,referred to as the web).

The web may provide various forms of information (for example, acharacter, an image, a video, a voice, etc.) based on a communicationprotocol called hypertext transfer protocol (HTTP) and a language suchas hypertext markup language (HTML).

In addition, at an initial stage, the web provided hypertext that wassimply associated with character information, using a hyperlinktechnique that allowed direct movement from one piece of information toanother piece of information, but, presently, implements hypermedia thatassociates an image, a video, and a voice according to a request ofmultimedia information from a user.

Accordingly, the number of networks connected to, and using, theInternet rapidly increases, thus increasing the range and content ofinformation included in the Internet.

In such an Internet environment, several web services that are typicallyprovided, for example, an electronic transaction, are applied over theInternet using the above-described advantages. Furthermore, new types ofweb services are currently being developed.

Here, in such an Internet environment, any web service provider systemoperates a specific user identification (member ID and password) andauthentication means to perform management and security by a user.Accordingly, in order to use the web service provider system, specificidentification information is assigned to each user, and an individualauthentication procedure is performed on the identification informationwhenever the web service provider system is accessed.

In conventional user identification and authentication in an Internetenvironment, in order to protect a random character input attemptthrough a specific program for the purpose of account takeover, a longcharacter string is generated to increase complexity to provideprotection against a security threat such as the account takeover.However, as the character string code is longer, the user has difficultyin remembering the code.

SUMMARY

Accordingly, example embodiments of the present invention are providedto substantially obviate one or more problems due to limitations anddisadvantages of the related art.

Example embodiments of the present invention provides a system andmethod for user security authentication in an Internet environment, inwhich the user may generate encoded member authentication data bycombining a member ID, a password, and a unique code value of a securitycode selection module that are selected when the user has signed up formembership to any web service provider system, thus increasing codecomplexity in an access stage in which the web service provider systemis accessed as well as simply enhancing security.

In some example embodiments, a system for user security authenticationin an Internet environment includes: a user terminal equipped with a webbrowser; a web server connected with the user terminal over the Internetand configured to transmit a webpage in response to an access of theuser terminal, transmit a member authentication means to the webpage ofthe user terminal in response to a web service request, and provide aweb service to the user terminal in response to reception of encodedmember authentication data from the user terminal; a memberauthentication information DB configured to store member information ofusers who have signed up for membership and member authentication datafor authenticating the membership to receive the web service provided bythe web server; and a member authentication server configured to receivethe encoded member authentication data from the user terminal throughthe web server, decode the encoded member authentication data, andanalytically compare the decoded member authentication data with themember authentication data stored in the member authenticationinformation DB to determine whether a corresponding user isauthenticated as a member, in which the member authentication meansincludes a member ID, a password, and a security code selection module,the security code selection module includes a plurality of codeselection display means having respective encoded unique code values andis displayed on the webpage of the user terminal, and the memberauthentication data transmitted from the user terminal includes dataencoded by combining a member ID, a password and a unique code value ofat least one code selection display means selected among the pluralityof code selection display means in the security code selection module.

The security code selection module may be configured as asingle-dimensional or multidimensional table, and the plurality of codeselection display means may be arranged on the table to be selected by auser.

The plurality of code selection display means may include at least oneof a number, a character, a figure, an image, a color, and a keyword ora combination thereof.

When the plurality of code selection display means are displayed on thewebpage of the user terminal, the web server may provide a service suchthat the plurality of code selection display means are displayed in arandom order of arrangement.

When a plurality of code selection display means selected in thesecurity code selection module, the member authentication server maycompare an order of selecting the code selection display means in themember authentication data transmitted from the user terminal and anorder of selecting code selection display means in the memberauthentication data stored in the member authentication information DBto determine whether the user is authenticated as a member.

The web server may provide a service such that a predetermined delimitercharacter is additionally inserted into the member authentication datainput through the member authentication means at predetermined intervalsto be encoded, and the member authentication server may provide aservice such that the predetermined delimiter character is additionallyinserted into the member authentication data stored in the memberauthentication information DB at the predetermined intervals to beupdated.

In other example embodiments, a method of user security authenticationusing a system including a web server connected with a user terminalequipped with a web browser over the Internet and configured to providea web service and a member authentication server includes steps of: (a)requesting a web service from the web server through the user terminal;(b) transmitting a member authentication means to a webpage of the userterminal in response to the request of the web service in step (a)through the web server; (c) transmitting encoded member authenticationdata using the member authentication means transmitted in step (b)through the user terminal; (d) receiving the encoded memberauthentication data transmitted in step (c), decoding the receivedencoded member authentication data, and analytically comparing thedecoded member authentication data with member authentication datapreviously stored in a separate member authentication information DB todetermine whether a corresponding user is authenticated as a member,through the member authentication server; and (e) when the user isdetermined to be authenticated as a member in step (d), providing theweb service to the user terminal through the web server, in which instep (b), the member authentication means includes a member ID, apassword, and a security code selection module, and the security codeselection module includes a plurality of code selection display meanshaving respective encoded unique code values and is displayed on thewebpage of the user terminal, and wherein in step (c), the memberauthentication data transmitted from the user terminal includes dataencoded by combining a member ID, a password and a unique code value ofat least one code selection display means selected among the pluralityof code selection display means in the security code selection module.

The security code selection module may be configured as asingle-dimensional or multidimensional table, and the plurality of codeselection display means may be arranged on the table to be selected by auser.

Each of the plurality of code selection display means may include atleast one of a number, a character, a figure, an image, a color, and akeyword or a combination thereof.

When the plurality of code selection display means are displayed on thewebpage of the user terminal, the web server may provide a service suchthat the plurality of code selection display means are displayed in arandom order of arrangement.

The method of claim 7, wherein when a plurality of code selectiondisplay means are selected in the user in the security code selectionmodule of the member authentication means in step (c), the memberauthentication server may compare an order of selecting the codeselection display means in the member authentication data transmittedfrom the user terminal and an order of selecting code selection displaymeans in the member authentication data stored in the memberauthentication information DB to determine whether the user isauthorized as a member.

The method may further include, after step (c), providing a service suchthat a predetermined delimiter character is additionally inserted intothe member authentication data input from the member authenticationmeans at predetermined intervals to be encoded through the web serverand providing a service such that the predetermined delimiter characteris additionally inserted into the member authentication data stored inthe member authentication information DB at the predetermined intervalsto be updated through the member authentication server.

In still other example embodiments, a computer-readable recording mediumstoring a program for executing the method of user securityauthentication in an Internet environment is provided.

The method of user security authentication in an Internet environmentmay be implemented as computer-readable codes on the computer-readablerecording medium. The computer-readable recording medium includes allkinds of recording devices for storing data which can be thereafter readby a computer system.

Examples of the computer-readable recording medium include a read-onlymemory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, ahard disk, a floppy disk, a mobile storage device, a non-volatile memory(flash memory), and an optical data storage device.

BRIEF DESCRIPTION OF DRAWINGS

Example embodiments of the present invention will become more apparentby describing in detail example embodiments of the present inventionwith reference to the accompanying drawings, in which:

FIG. 1 is a block diagram illustrating a system for user securityauthentication in an Internet environment according to an embodiment ofthe present invention;

FIG. 2 is a flowchart illustrating a method of user securityauthentication in an Internet environment according to an embodiment ofthe present invention;

FIG. 3 is a view showing a member login screen for accessing a webservice provider system that is applied in an embodiment of the presentinvention; and

FIGS. 4 to 7 are views showing various examples of a code selectiondisplay means in a security code selection module that is applied to anembodiment of the present invention.

DESCRIPTION OF EXAMPLE EMBODIMENTS

Advantages and features of the present invention, and implementationmethods thereof will be clarified through following embodimentsdescribed with reference to the accompanying drawings. The presentinvention may, however, be embodied in different forms and should not beconstrued as limited to the embodiments set forth herein. Rather, theseembodiments are provided so that this disclosure will be thorough andcomplete, and will fully convey the scope of the present invention tothose skilled in the art. Like reference numerals refer to like elementsthroughout. As used herein, the term “and/or,” includes any and allcombinations of one or more of the associated listed items.

It will be understood that, although the terms “first,” “second,” etc.may be used herein to describe various elements, components, and/orsections, these elements, components, and/or sections should not belimited by these terms. These terms are only used to distinguish oneelement, component, or section from another element, component, orsection. Thus, a first element, component, or section discussed belowcould be termed a second element, component, or section withoutdeparting from the teachings of example embodiments.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of exampleembodiments. As used herein, the singular forms “a,” “an” and “the” areintended to include the plural forms as well, unless the context clearlyindicates otherwise. It will be further understood that the terms“comprises” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, steps, operations,elements, and/or components, but do not preclude the presence oraddition of one or more other features, integers, steps, operations,elements, components, and/or groups thereof.

Unless otherwise defined, all terms (including technical and scientificterms) used herein have the same meaning as commonly understood by oneof ordinary skill in the art to which this inventive concept belongs. Itwill be further understood that terms, such as those defined in commonlyused dictionaries, should be interpreted as having a meaning that isconsistent with their meaning in the context of the relevant art andwill not be interpreted in an idealized or overly formal sense unlessexpressly so defined herein.

In the following description, when the detailed description of therelevant known functions or configurations is determined tounnecessarily obscure the important point of the present invention, thedetailed description will be omitted. Also, the terms described beloware defined in consideration of the functions in the present invention,and thus may vary depending on intentions or customs of a user oroperator. Accordingly, the terms will be defined based on the wholespecification.

FIG. 1 is a block diagram illustrating a system for user securityauthentication in an Internet environment according to an embodiment ofthe present invention.

Referring to FIG. 1, a system for user security authentication in anInternet environment according to an embodiment includes at least oneuser terminal 100-1 to 100-N, a web server 200, a member authenticationinformation DB 300, and a member authentication server 400.

Here, the user terminal 100-1 to 100-N is connected to the web server200 over the Internet 10 and includes a typical web browser that is usedto retrieve and display a web page, such as various hypertext markuplanguage (HTML) documents, provided by the web server 200 on a screen.

That is, the user terminal 100-1 to 100-N includes a web browser foraccessing a plurality of websites, for example, the web server 200,through the Internet 10 to search for a webpage transmitted from the webserver 200, processing information provided in a corresponding website,and transmitting a corresponding document.

In general, the user terminal 100-1 to 100-N may be a computer such as adesktop personal computer (PC) and a notebook PC, but is not limitedthereto. The user terminal 100-1 to 100-N may be any type ofwired/wireless communication device that may access the web server 200through the Internet 10 to use various web services.

Examples of the user terminal 100-1 to 100-N include a mobile terminal,such as a cellular phone, a personal communication service (PCS) phone,a synchronous/asynchronous International Mobile Telecommunication-2000(IMT-2000) phone, and so on, which can communicate through the wirelessInternet or portable Internet, and may also refer to all wired/wirelesshome/communication devices having a user interface for accessing the webserver 200, such as a palm personal computer (PC), a personal digitalassistant (PDA), a smartphone, a wireless application protocol (WAP)phone, a mobile playstation, a PDA phone, a digital multimediabroadcasting phone having a communication function, a tablet PC, an iPadand so on.

The Internet 10 refers to an open global computer network structure thatcan provide several services in the TCP/IP protocol and its upper layer,that is, a hypertext transfer protocol (HTTP), Telnet, file transferprotocol (FTP), domain name system (DNS), simple mail transfer protocol(SMTP), simple network management protocol (SNMP), network file service(NFS), network information service (NIS), or the like, and provides anenvironment in which any user of the user terminal 100-1 to 100-N mayaccess the web server 200 that is described below. The Internet 10 maybe a wired or wireless network, or a core network integrated with awired public network, a wireless mobile communication network, or aportable Internet network.

The web server 200 functions to connect the user terminal 100-1 to 100-Nwith an administration server (not shown) that is provided to any webservice provider system over the Internet 10 and provide various webservices of the administration server provided in the web serviceprovider system through a certain web page. The web server 200 mayperform the same function as that of the administration server providedin the web service provider system.

In particular, the web server 200 is connected with the user terminal100-1 to 100-N over the Internet 10 and configured to transmit a webpagein response to an access of the user terminal 100-1 to 100-N, transmit amember authentication means to the webpage of the user terminal 100-1 to100-N in response to a web service request, and provide a web service tothe user terminal 100-1 to 100-N in response to reception of encodedmember authentication data from the user terminal 100-1 to 100-N.

In this case, the member authentication means may include, for example,a member ID, a password, and a security code selection module, as shownin FIG. 3, and the security code selection module may include aplurality of code selection display means having respective encodedunique code values and is displayed on the webpage of the user terminal100-1 to 100-N.

If the plurality of code selection display means are displayed on thewebpage of the user terminal 100-1 to 100-N, the web server 200 mayprovide a service such that the plurality of code selection displaymeans are displayed in a random order of arrangement.

The member authentication data transmitted from the user terminal 100-1to 100-N includes data encoded by combining a member ID, a password anda unique code value of at least one code selection display meansselected among the plurality of code selection display means in thesecurity code selection module.

The security code selection module may be configured as asingle-dimensional (one-dimensional) or multidimensional (two, three, orfour-dimensional) table, and the plurality of code selection displaymeans may be arranged on the table to be selected by a user.

The plurality of code selection display means may include at least oneof a number, a character, a figure, an image, a color, and a keyword ora combination thereof (see FIGS. 4 to 7).

The member authentication information DB 300 functions to build adatabase including member information of users who have signed up formembership and member authentication data for authenticating themembership for each member to receive the web service provided by theweb server 200.

The member authentication information DB 300 may be implemented for thepurpose of the present invention, using a relational database managementsystem (RDBMS), such as Oracle, Infomix, Sybase, and DB2, and anobject-oriented database management system (OODBMS), such as Gemstone,Orion, and O2, and configured to have a field suitable for accomplishingits function.

The member authentication server 400 is connected with the web server200 through a wired/wireless communication means and functions toreceive the encoded member authentication data from the user terminal100-1 to 100-N through the web server 200, decode the received encodedmember authentication data, and analytically compare the decoded memberauthentication data with the member authentication data stored in themember authentication information DB 300 to determine whether acorresponding user is authenticated as a member.

When a plurality of code selection display means are selected by theuser in the security code selection module of the member authenticationmeans, the member authentication server 400 may compare an order ofselecting the code selection display means in the member authenticationdata transmitted from the user terminal 100-1 to 100-N and an order ofselecting code selection display means in the member authentication datastored in the member authentication information DB 300 to determinewhether the user is authenticated as a member.

Additionally, the web server 200 may provide a service such that apredetermined delimiter character (for example, a special character) isadditionally inserted into the member authentication data input throughthe member authentication means at predetermined intervals to beencoded, and the member authentication server 400 may provide a servicesuch that the predetermined delimiter character is additionally insertedinto the member authentication data previously stored in the memberauthentication information DB 300 at the predetermined intervals to beupdated.

A method of user security authentication in an Internet environmentaccording to an embodiment of the present invention will be described indetail below.

FIG. 2 is a flowchart illustrating a method of user securityauthentication in an Internet environment according to an embodiment ofthe present invention, FIG. 3 is a view showing a member login screenfor accessing a web service provider system that is applied in anembodiment of the present invention, and FIGS. 4 to 7 are views showingvarious examples of a code selection display means in a security codeselection module that is applied to an embodiment of the presentinvention.

Referring to FIGS. 1 to 7, in a method of user security authenticationin an Internet environment according to an embodiment of the presentinvention, first, a user accesses a specific webpage provided by the webserver 200 of any web service provider system through the user terminal100-1 to 100-N and signs up for membership.

In this case, the user selects at least one of a plurality of codeselection display means of the security code selection module that isprovided by the web server 200 and allows the selected code selectiondisplay means to be stored in the member authentication information DB300 in addition to a member ID and a password.

Next, when the user requests a web service from the web server 200through the user terminal 100-1 to 100-N (S100), the web server 200transmits a member authentication means to a webpage of the userterminal 100-1 to 100-N in response to a web service request in S100(S200).

In this case, the member authentication means may include a member ID, apassword, and a security code selection module, as shown in FIG. 3, andthe security code selection module may include a plurality of codeselection display means having respective encoded unique code values andis displayed on the web page of the user terminal 100-1 to 100-N (seeFIGS. 4 to 7).

In addition, the security code selection module may be configured as asingle-dimensional (one-dimensional) or multidimensional (two, three, orfour-dimensional) table, and the plurality of code selection displaymeans may be arranged on the table to be selected by a user.

Further, the plurality of code selection display means may include atleast one of a number, a character, a figure, an image, a color, and akeyword or a combination thereof as shown in FIGS. 4 to 7.

When the plurality of code selection display means are displayed on thewebpage of the user terminal 100-1 to 100-N, the web server 200 mayprovide a service such that the plurality of code selection displaymeans are displayed in a random order of arrangement.

Subsequently, the user terminal 100-1 to 100-N transmits encoded memberauthentication data using the member authentication means transmitted inS200 to the web server 200 (S300).

In this case, the member authentication data transmitted from the userterminal 100-1 to 100-N includes data encoded by combining a member ID,a password and a unique code value of at least one code selectiondisplay means selected among the plurality of code selection displaymeans in the security code selection module.

Next, the member authentication server 400 receives the encoded memberauthentication data transmitted in S300, decodes the received encodedmember authentication data, and analytically compares the decoded memberauthentication data with member authentication data previously stored ina separate member authentication information DB 300 to determine whethera corresponding user is authenticated as a member (S400).

When a plurality of code selection display means are selected by theuser in the security code selection module of the member authenticationmeans in S300, the member authentication server 400 may compare an orderof selecting the code selection display means in the memberauthentication data transmitted from the user terminal 100-1 to 100-Nand an order of selecting code selection display means in the memberauthentication data stored in the member authentication information DB300 to determine whether the user is authenticated as a member.

That is, when a result of the comparison is that the order of selectingthe code selection display means transmitted from the user terminal100-1 to 100-N is the same as the order of selecting the code selectiondisplay means stored in the member authentication information DB 300,the member authentication server 400 authenticates the user as a member.

Subsequently, when a result of the determination in S400 is that theuser is authenticated as a member because the decoded memberauthentication data is the same as the member authentication datapreviously stored in the member authentication information DB 300, theweb server 200 provides the web service to the user terminal 100-1 to100-N (S500).

Additionally, after S300, the method may further include providing, bythe web server 200, a service such that a predetermined delimitercharacter (for example, a special character) is additionally insertedinto the member authentication data input through the memberauthentication means at predetermined intervals to be encoded.Preferably, the member authentication server 400 may provide a servicesuch that the predetermined delimiter character is additionally insertedinto the member authentication data stored in the member authenticationinformation DB 300 at the predetermined intervals to be updated todetermine whether the member is authenticated as a member.

The method of user security authentication in an Internet environmentaccording to an embodiment of the present invention can also beimplemented as computer-readable codes on a computer-readable recordingmedium. The computer-readable recording medium is any data storagemedium that can store data which can be thereafter read by a computersystem.

Examples of the computer-readable recording medium include a read-onlymemory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, ahard disk, a floppy disk, a mobile storage device, a non-volatile memory(flash memory), and an optical data storage device.

The computer-readable recording medium can also be distributed overcomputer systems connected through a computer communication network sothat the computer-readable code is stored and executed in a distributedfashion.

With the system and method for user security authentication in anInternet environment according to an embodiment of the presentinvention, a user can generate encoded member authentication data bycombining a member ID, a password, and a unique code value of a securitycode selection module that are selected when the user has signed up formembership to any web service provider system, thus increasing codecomplexity in an access stage at which the web service provider systemis accessed as well as simply enhancing security.

While the preferred embodiments of the system and method for usersecurity authentication in an Internet environment are described, thepresent invention is not limited thereto, various modifications may bemade therein, and the appended claims are intended to cover all suchmodifications which may fall within the spirit and scope of theinvention.

What is claimed is:
 1. A system for providing security authentication inan Internet environment, the system comprising: one or more servershaving one or more processing circuits and a non-transitory storagemedium, the non-transitory storage medium having computer code that isexecutable by the one or more processing circuits to cause the one ormore servers to perform operations comprising: generating, for displayon a user device, a webpage for receiving user authenticationinformation from a user, the user authentication information comprisinguser credentials and a selection of at least one of a plurality ofdisplayed code objects, the plurality of displayed code objects eachhaving a unique code value comprising at least two characters;receiving, from the user device, the user authentication informationcomprising data that combines the user credentials and the unique codevalue of the selected at least one of the plurality of displayed codeobjects; determining whether the data of the received userauthentication information corresponds to previously stored memberauthentication data for the user, the previously stored memberauthentication data comprising a preselected at least one of theplurality of displayed code objects; and enabling the user device toaccess a web service in response to determining that the data of thereceived user authentication information corresponds to the previouslystored member authentication data for the user.
 2. The system of claim1, wherein the webpage includes a plurality of fields that are currentlydisplayed, a first field of the plurality of fields configured toreceive a member ID, a second field of the plurality of fieldsconfigured to receive a password, and a third of the plurality of fieldsconfigured to present the plurality of displayed code objects, andwherein the data that combines the user credentials and the unique codevalue comprises data encoded by combining the member ID in the firstfield, the password in the second field, and the unique code value ofthe selected at least one of the plurality of displayed code objects inthe third field.
 3. The system of claim 1, wherein the operationsfurther comprise: decoding the received data that combines the usercredentials and the unique code value; and analytically comparing thedecoded data with the previously stored member authentication data forthe user.
 4. The system of claim 1, wherein the unique code values ofthe displayed code objects do not provide an indication of a renderedindicator of at least one code selection display object.
 5. The systemof claim 1, wherein the at least one of the plurality of displayed codeobjects includes at least one of a number, a character, a figure, animage, a color, or a keyword or a combination thereof.
 6. The system ofclaim 1, wherein the operations further comprise providing, based on theat least one of the plurality of displayed code objects being displayedthe webpage of the user device, a service to display the plurality ofdisplayed code objects in a random order of arrangement.
 7. The systemof claim 1, wherein the operations further comprise comparing, based onreceiving the data, a sequence of selecting at least two displayed codeobjects and a previously stored sequence of displayed code objects todetermine whether the user is authenticated as a member.
 8. The systemof claim 1, wherein the operations further comprise: inserting, atpredetermined intervals, a predetermined delimiter character intoreceived member authentication data used to generate encoded memberauthentication data; and inserting the predetermined delimiter characterinto the stored member authentication data at the predeterminedintervals.
 9. A method comprising: generating, by one or moreprocessors, for display on a user device, a webpage for receiving userauthentication information from a user, the user authenticationinformation comprising user credentials and a selection of at least oneof a plurality of displayed code objects, the plurality of displayedcode objects each having a unique code value comprising at least twocharacters; receiving, from the user device, the user authenticationinformation comprising data that combines the user credentials and theunique code value of the selected at least one of the plurality ofdisplayed code objects; determining whether the data of the receiveduser authentication information corresponds to previously stored memberauthentication data for the user, the previously stored memberauthentication data comprising a preselected at least one of theplurality of displayed code objects; and enabling the user device toaccess a web service in response to determining that the data of thereceived user authentication information corresponds to the previouslystored member authentication data for the user.
 10. The method of claim9, wherein the webpage includes a plurality of fields that are currentlydisplayed, a first field of the plurality of fields configured toreceive a member ID, a second field of the plurality of fieldsconfigured to receive a password, and a third of the plurality of fieldsconfigured to present the plurality of displayed code objects, andwherein the data that combines the user credentials and the unique codevalue comprises data encoded by combining the member ID in the firstfield, the password in the second field, and the unique code value ofthe selected at least one of the plurality of displayed code objects inthe third field.
 11. The method of claim 9, further comprising: decodingthe received data that combines the user credentials and the unique codevalue; and analytically comparing the decoded data with the previouslystored member authentication data for the user.
 12. The method of claim9, wherein the unique code values of the displayed code objects do notprovide an indication of a rendered indicator of at least one codeselection display object.
 13. The method of claim 9, wherein the atleast one of the plurality of displayed code objects includes at leastone of a number, a character, a figure, an image, a color, or a keywordor a combination thereof.
 14. The method of claim 9, further comprisingproviding, based on the at least one of the plurality of displayed codeobjects being displayed the webpage of the user device, a service todisplay the plurality of displayed code objects in a random order ofarrangement.
 15. The method of claim 9, further comprising comparing,based on receiving the data, a sequence of selecting at least twodisplayed code objects and a previously stored sequence of displayedcode objects to determine whether the user is authenticated as a member.16. The method of claim 9, further comprising: inserting, atpredetermined intervals, a predetermined delimiter character intoreceived member authentication data used to generate encoded memberauthentication data; and inserting the predetermined delimiter characterinto the stored member authentication data at the predeterminedintervals.
 17. A non-transitory computer-readable storage medium storinga set of computer executable instructions, the instructions, whenexecuted by one or more processors of computer, cause the computer toperform operations comprising: generating, for display on a user device,a webpage for receiving user authentication information from a user, theuser authentication information comprising user credentials and aselection of at least one of a plurality of displayed code objects, theplurality of displayed code objects each having a unique code valuecomprising at least two characters; receiving, from the user device, theuser authentication information comprising data that combines the usercredentials and the unique code value of the selected at least one ofthe plurality of displayed code objects; determining whether the data ofthe received user authentication information corresponds to previouslystored member authentication data for the user, the previously storedmember authentication data comprising a preselected at least one of theplurality of displayed code objects; and enabling the user device toaccess a web service in response to determining that the data of thereceived user authentication information corresponds to the previouslystored member authentication data for the user.
 18. The non-transitorycomputer-readable storage medium of claim 17, wherein the webpageincludes a plurality of fields that are currently displayed, a firstfield of the plurality of fields configured to receive a member ID, asecond field of the plurality of fields configured to receive apassword, and a third of the plurality of fields configured to presentthe plurality of displayed code objects, and wherein the data thatcombines the user credentials and the unique code value comprises dataencoded by combining the member ID in the first field, the password inthe second field, and the unique code value of the selected at least oneof the plurality of displayed code objects in the third field.
 19. Thenon-transitory computer-readable storage medium of claim 17, wherein theoperations further comprise: decoding the received data that combinesthe user credentials and the unique code value; and analyticallycomparing the decoded data with the previously stored memberauthentication data for the user.
 20. The non-transitorycomputer-readable storage medium of claim 17, wherein the unique codevalues of the displayed code objects do not provide an indication of arendered indicator of at least one code selection display object.